CN101729599B - Method and system for user to access internet through mobile terminal by using broadband network - Google Patents

Method and system for user to access internet through mobile terminal by using broadband network Download PDF

Info

Publication number
CN101729599B
CN101729599B CN200910223987.2A CN200910223987A CN101729599B CN 101729599 B CN101729599 B CN 101729599B CN 200910223987 A CN200910223987 A CN 200910223987A CN 101729599 B CN101729599 B CN 101729599B
Authority
CN
China
Prior art keywords
base station
aaa server
portable terminal
broadband
femto base
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN200910223987.2A
Other languages
Chinese (zh)
Other versions
CN101729599A (en
Inventor
侯光华
谭国权
广小明
司伟
杨明川
张超
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
China Telecom Corp Ltd
Original Assignee
China Telecom Corp Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by China Telecom Corp Ltd filed Critical China Telecom Corp Ltd
Priority to CN200910223987.2A priority Critical patent/CN101729599B/en
Publication of CN101729599A publication Critical patent/CN101729599A/en
Application granted granted Critical
Publication of CN101729599B publication Critical patent/CN101729599B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Abstract

The invention discloses a method and a system for the user to access the internet through a mobile terminal by using the broadband network. The method comprises the following steps: an Femto substation terminates the PPP link of the mobile terminal and initiates an PPP link authenticating request for a broadband remote access system; after receiving the authenticating request sent by the broadband remote access system, a wired broadband AAA server forwards the authenticating request to network-side authenticating equipment; the network-side authenticating equipment implements the binding relationship of the broadband accounts of both the Femto substation and a gateway and identifies the binding relationship of the mobile terminal and the Femto substation; after the broadband remote access system receives result that the binding relationship of the mobile terminal and the Femto substation passes the identification, the Femto substation fulfills the PPP link agency function of the mobile terminal, and the mobile terminal obtains the IP address in the broadband remote access system. The problem of the network congestion caused by the access of the user to the internet broadband through the mobile terminal is solved and the user can access to the internet through the mobile terminal by using the broadband network.

Description

Portable terminal utilizes the method and system of broadband network access the Internet
Technical field
The present invention relates to communication technical field, relate in particular to the method and system that a kind of portable terminal utilizes broadband network access the Internet.
Background technology
Femtocell/Femto base station (FAP, Femto Access Point) also is known as Home eNodeB or 3G access point, is a kind of microminiature mobile phone base station equipment.The transmitting power of Femto base station is less, be generally the milliwatt level, so covering radius is also less, is generally 20 meters~50 meters.General maximum 4~6 mobile subscribers that support of the access device of a Femto base station, its air interface meets the 3GPP/3GPP2 standard, therefore is applicable to any existing portable terminal.In appearance, the Femto base station is similar to the access device of Wi-Fi, and size is similar, is applicable to family and small enterprise's working environment.If the Femto base station is set, behind the connection cable broadband, when the user uses the mobile phone dialing phone, can adopt more cheap wire communication mode in family.
Fig. 1 illustrates and utilizes the Femto gateway to provide portable terminal to pass through the structural representation of the system of 3G mobile core network access the Internet in the prior art.As shown in Figure 1, portable terminal mainly comprises portable terminal (MS, Mobile Station) 102, Femto gateway 104,3G mobile core network 106 and the Internet 108 by the system 100 of 3G mobile core network access the Internet; Wherein portable terminal can be 3G mobile, and Femto gateway 104 can be enterprise gateway, home gateway or broadband router, and it includes the Femto base station.Portable terminal 102 is by Femto base station access Femto gateway 104, Femto gateway 104 can access 3G mobile core network 106 by the interface (such as the Iu-cs among the WCDMA and Iu-ps interface) of standard, and accesses (such as the DSL mode) the Internet 108 by the IP address that public network provides; Thereby realize that mobile phone users is by the purpose of 3G mobile core network access the Internet 108.
Along with the develop rapidly of mobile communication technology and universal fast, portable terminal quantity is huge, and in addition, the 3G mobile core network is extremely complicated; Therefore, portable terminal is lower than cable broadband by the bandwidth of 3G mobile core network access the Internet.When the user is more, can cause network congestion, mobile phone users can't connect, or network speed is slow, and user's satisfaction of surfing the Net is relatively poor, and the problems referred to above have become the bottleneck of the development of restriction mobile terminal accessing Internet technology and popularization and have needed to be resolved hurrily.
Summary of the invention
The technical problem that the present invention will solve provides the method and system that a kind of portable terminal utilizes broadband network access the Internet, uses the cable broadband online by the Femto gateway, is convenient to the mobile terminal accessing the Internet and can uses the bandwidth the same with cable broadband.
Another technical problem that the present invention will solve is not do under the prerequisite of large modification in the grid side, alleviates the flow burden of mobile core network side.
One aspect of the present invention provides a kind of portable terminal to utilize the method for broadband network access the Internet, and the method comprises: portable terminal is initiated the PPP connection request of online to the Femto base station; The PPP that the Femto base station stops portable terminal connects, and initiates PPP connection authentication request to the broad band remote connecting system; The broad band remote connecting system is initiated authentication request to the cable broadband aaa server after receiving PPP connection authentication request; After the cable broadband aaa server receives the authentication request of broad band remote connecting system transmission, transmit authentication request to the network side authenticating device; And carry out respectively authentication to " binding relationship of the broadband account number of Femto base station and gateway " and " binding relationship of portable terminal and Femto base station " by the network side authenticating device; After the cable broadband aaa server receives the authentication result that the network side authenticating device returns, send authentication result to the broad band remote connecting system; After the broad band remote connecting system received the authentication result of passing through, Femto finished the base station PPP Connection Proxy function of portable terminal, and portable terminal obtains the IP address from the remote access system of broadband.
Portable terminal provided by the invention utilizes among the embodiment of method of broadband network access the Internet, and the network side authenticating device comprises Femto gateway management system and mobile aaa server; The network side authenticating device is carried out respectively " binding relationship of the broadband account number of Femto base station and gateway " and the authentication of " binding relationship of portable terminal and Femto base station " is further comprised: after the cable broadband aaa server receives the authentication request of broad band remote connecting system transmission, the cable broadband aaa server sends " authentication request of confirming the broadband account number binding relation of Femto base station and gateway " to Femto gateway management system respectively, sends " authentication request of confirming portable terminal and Femto base station binding relation " to mobile aaa server; The binding relationship of the broadband account number of Femto base station and gateway is judged after receiving " authentication request of confirming Femto base station and gateway binding relationship " by Femto gateway management system, and returns the authentication result of binding relationship to the cable broadband aaa server; Mobile aaa server is judged the binding relationship of portable terminal and Femto base station after receiving " authentication request of confirming portable terminal and Femto base station ", and returns the authentication result of binding relationship to the cable broadband aaa server; The cable broadband aaa server is transmitted authentication result to the broad band remote connecting system after receiving respectively the authentication result of the binding relationship that Femto gateway management system and mobile aaa server return.
Portable terminal provided by the invention utilizes among the embodiment of method of broadband network access the Internet, the method also comprises: before portable terminal is initiated the PPP connection request of online to the Femto base station, Femto base station and portable terminal have been finished the authentication in mobile aaa server in advance, and the Femto base station has obtained the interim authentication code of access cable broadband aaa server.
Portable terminal provided by the invention utilizes among the embodiment of method of broadband network access the Internet, and the PPP that initiate to the broad band remote connecting system Femto base station connects the ID that carries portable terminal in the authentication request, ID and the interim authentication code of Femto base station.
Portable terminal provided by the invention utilizes among the embodiment of method of broadband network access the Internet, and the method also comprises: carry connection authentication request information that the Femto base station sends and the line number of gateway in the authentication request that the broad band remote connecting system is initiated to the cable broadband aaa server; Wherein the connection authentication request information of Femto base station transmission includes the ID of portable terminal, ID and the interim authentication code of Femto base station; The telephone line that the line number of gateway uses when being gateway accessing broad band remote connecting system number.
Another aspect of the present invention provides a kind of portable terminal to utilize the system of broadband network access the Internet, this system comprises: portable terminal, be used for initiating to the Femto base station PPP connection request of online, and from the remote access system of broadband, obtain public network IP address, and the access the Internet; The Femto gateway, have the Femto base station, be used for the online PPP connection request that mobile terminal receive sends, and stop the PPP connection of portable terminal, then initiate PPP to the broad band remote connecting system and connect authentication request, and the PPP Connection Proxy function of finishing portable terminal; The broad band remote connecting system be used for to receive the PPP that the Femto gateway sends and connects authentication request, and initiates authentication request to the cable broadband aaa server, and receives the authentication result that authentication that the cable broadband aaa server sends is passed through; The cable broadband aaa server, be used for receiving the authentication request that the broad band remote connecting system sends, and to the transmission of Femto gateway management system " authentication request of affirmation Femto base station and gateway binding relationship ", the result of the binding relationship that reception Femto gateway management system returns, and to mobile aaa server transmission " authentication request of affirmation portable terminal and Femto base station binding relation ", and receive the authentication result that mobile aaa server returns, and send authentication result to the broad band remote connecting system; Femto gateway management system, be used for receiving the affirmation Femto base station of cable broadband aaa server transmission and the request of gateway binding relationship, judge the binding relationship of the broadband account number of Femto base station and gateway, and return the result of binding relationship to the cable broadband aaa server; Mobile aaa server, after being used for receiving " confirming the authentication request of portable terminal and Femto base station binding relation " of cable broadband aaa server transmission, judge the binding relationship of portable terminal and Femto base station, and return the authentication result of binding relationship to the cable broadband aaa server.
Portable terminal provided by the invention utilizes among the embodiment of system of broadband network access the Internet, and the cable broadband aaa server also is used for broadband user's flow is carried out charging; Mobile aaa server also is used for the flow of portable terminal and Femto base station is carried out charging.
Portable terminal provided by the invention utilizes among the embodiment of system of broadband network access the Internet, Femto gateway management system also is used for the binding relationship table of storage gateway and Femto base station, judges the binding relationship of the broadband account number of Femto base station and gateway according to the binding relationship table.
Portable terminal provided by the invention utilizes among the embodiment of system of broadband network access the Internet, and the cable broadband aaa server also is used for the relation table of the binding relationship of the line number of storage gateway and broadband account number.
Portable terminal provided by the invention utilizes among the embodiment of system of broadband network access the Internet, and the Femto gateway also is used for sending authentication request to mobile aaa server, and receives the interim identifying code that sends from mobile aaa server; Mobile aaa server also is used for receiving the authentication request from the Femto gateway, and to the response of Femto gateway return authentication, wherein carries interim authentication code in the authentication response.
Portable terminal provided by the invention utilizes the method and system of broadband network access the Internet, terminal use the cable broadband online, so bandwidth improves greatly by Femto gateway access broadband network, network congestion problem when having avoided heavy traffic is conducive to improve the satisfaction of user's online.Further, portable terminal provided by the invention utilizes in the method and system of broadband network access the Internet, and the mobile core network flow pressure greatly reduces, and wired bandwidth availability ratio improves greatly.
Description of drawings
Fig. 1 illustrates and utilizes the Femto gateway to provide portable terminal to pass through the structural representation of the system of 3G mobile core network access the Internet in the prior art;
Fig. 2 illustrates the flow chart of an embodiment that portable terminal among the present invention utilizes the method for broadband network access the Internet;
Fig. 3 illustrates the structural representation of an embodiment that portable terminal of the present invention utilizes the system of broadband network access the Internet;
Fig. 4 illustrates the flow chart of an embodiment that portable terminal among the present invention utilizes the method for broadband network access the Internet;
Fig. 5 illustrates the structural representation of an embodiment that portable terminal of the present invention utilizes the system of broadband network access the Internet;
Fig. 6 illustrates the flow chart of a specific embodiment that portable terminal of the present invention utilizes the method for broadband network access the Internet;
Fig. 7 illustrates FAP of the present invention obtains an embodiment of interim authentication code again to mobile aaa server schematic flow sheet.
Embodiment
With reference to the accompanying drawings the present invention is described more fully, the various embodiment that the present invention is exemplary are described.
Fig. 2 illustrates the flow chart of an embodiment that portable terminal among the present invention utilizes the method for broadband network access the Internet.
As shown in Figure 2, portable terminal utilizes in the method flow 200 of broadband network access the Internet, step 202, and portable terminal is initiated the PPP connection request of online to the Femto base station.For example, for realizing that portable terminal (MS) is by broadband network access the Internet, Femto base station (FAP) and portable terminal need to be finished the authentication in mobile aaa server in advance, and the Femto base station has obtained the interim authentication code of access cable broadband aaa server; Subsequently, when the user utilizes portable terminal to visit the Internet, initiated the PPP connection request of online to the Femto base station by portable terminal.
Step 204, Femto base station are initiated PPP to the broad band remote connecting system and are connected authentication request.For example, the PPP of Femto base station (FAP) termination portable terminal (MS) connects, and initiates the PPP connection request to broad band remote connecting system (BRAS); The PPP that initiate to the broad band remote connecting system Femto base station connects the ID (such as IMSI) that carries portable terminal in the authentication request, ID and the interim authentication code of Femto base station.
Step 206, the broad band remote connecting system is initiated authentication request to the cable broadband aaa server.For example, broad band remote connecting system (BRAS) receive connect authentication request from the PPP of Femto gateway forwards after, BRAS initiates authentication request to cable broadband aaa server (BB-AAA); Carry the connection authentication request information of Femto base station transmission and the line number of gateway in this authentication request; Wherein the connection authentication request information of Femto base station transmission includes the ID of portable terminal, ID and the interim authentication code of Femto base station; The telephone line that the line number of gateway uses in the time of can being gateway accessing broad band remote connecting system number.
Step 208, the network side authenticating device receives the authentication request that the cable broadband aaa server sends, and carries out the authentication of binding relationship.The BB-AAA server is transmitted to the network side authenticating device with this authentication request message, and is finished the authentication of relevant information by the network side authenticating device after receiving the authentication request of BRAS transmission.In one embodiment of the invention, after the network side authenticating device receives the authentication request of broad band remote connecting system transmission, carry out respectively the identifying procedure of " binding relationship of judging the broadband account number of Femto base station and gateway " and " judging the binding relationship of portable terminal and Femto base station ".
Step 210, the cable broadband aaa server receives the authentication result that the network side authenticating device returns, and sends authentication result to the broad band remote connecting system.For example, after the network side authenticating device executes relevant authentication, to broadband cabled wideband A AA server return authentication result (comprising " authentication result of the binding relationship of the broadband account number of Femto base station and gateway " and " authentication result of the binding relationship of portable terminal and Femto base station ").The cable broadband aaa server is transmitted to the broad band remote connecting system with this authentication result after receiving the authentication result that the network side authenticating device returns again.
Step 212, Femto finishes the base station PPP Connection Proxy function of portable terminal, and portable terminal obtains the IP address from the remote access system of broadband.For example, after the broad band remote connecting system received and authenticates the authentication result of passing through, Femto finished the base station PPP Connection Proxy function of portable terminal, realized the access the Internet thereby portable terminal obtains public network IP address from the remote access system of broadband.
Portable terminal provided by the invention utilizes the method for broadband network access the Internet, and by the PPP agent functionality of Femto gateway, portable terminal uses the cable broadband online, has realized that portable terminal utilizes broadband network access the Internet; And portable terminal can use the bandwidth the same with cable broadband to visit the Internet among the present invention, thereby the network congestion problem that has occurred when having solved the mobile terminal accessing the Internet.
Fig. 3 illustrates the structural representation of an embodiment that portable terminal of the present invention utilizes the system of broadband network access the Internet.
As shown in Figure 3, portable terminal utilizes the system 300 of broadband network access the Internet mainly to comprise: portable terminal 302, Femto gateway 304, broad band remote connecting system 306, cable broadband aaa server 308 and network side authenticating device 310.
Wherein, portable terminal 302 is used for initiating the PPP connection request of online to Femto gateway 304, and obtains public network IP address from broadband remote access system 306, and the access the Internet.Portable terminal 302 can use existing 3G mobile or portable terminal among the present invention.
Femto gateway 304, have the Femto base station, be used for the online PPP connection request that mobile terminal receive 302 sends, and stop the PPP connection of this portable terminal, then initiate PPP to broad band remote connecting system 306 and connect authentication request, and the PPP Connection Proxy function of finishing portable terminal.Femto gateway 304 can be enterprise or the home gateway of supporting the Femto base station among the present invention.
Broad band remote connecting system 306, be used for receiving the PPP connection authentication request that Femto gateway 304 sends, and to cable broadband aaa server 308 initiation authentication request, the authentication result that the authentication that reception cable broadband aaa server 308 sends is passed through, and the public network IP address that the access the Internet is provided to portable terminal 302, thereby so that obtaining public network IP address from the remote access system of broadband, portable terminal realizes the access the Internet, as shown in Figure 3 "----" be the online passage of mobile terminal accessing the Internet.
Cable broadband aaa server 308, be used for receiving the authentication request that broad band remote connecting system 306 sends, and to 310 transmissions " authentication request of Femto base station and gateway binding relationship " of network side authenticating device and " authentication request of portable terminal and Femto base station binding relation ", and receive the authentication result that network side authenticating device 310 returns, and transmit this authentication result to broad band remote connecting system 306; And after receiving the authentication result that network side authenticating device 310 returns, again this authentication result is transmitted to broad band remote connecting system 306.
Network side authenticating device 310, be used for receiving " authentication request of the binding relationship of the broadband account number of judgement Femto base station and gateway " and " judging the authentication request of the binding relationship of portable terminal and Femto base station " of 308 transmissions of cable broadband aaa server, and carry out the identifying procedure to " Femto base station and gateway binding relationship " and " portable terminal and Femto base station side decide to concern "; Then after the authentication result of returning to cable broadband aaa server 308.
Fig. 4 illustrates the flow chart of an embodiment that portable terminal among the present invention utilizes the method for broadband network access the Internet.
As shown in Figure 4, portable terminal utilizes in the method flow 400 of broadband network access the Internet, step 402, and portable terminal is initiated the PPP connection request of online to the Femto base station.For example, for realizing that portable terminal (MS) is by broadband network access the Internet, Femto base station (FAP) and portable terminal need to be finished the authentication in mobile aaa server in advance, and the Femto base station has obtained the interim authentication code of access cable broadband aaa server; Subsequently, when the user utilizes portable terminal to visit the Internet, initiated the PPP connection request of online to the Femto base station by portable terminal.
Step 404, Femto base station are initiated PPP to the broad band remote connecting system and are connected authentication request.For example, the PPP of Femto base station (FAP) termination portable terminal (MS) connects, and initiates the PPP connection request to broad band remote connecting system (BRAS); The PPP that initiate to the broad band remote connecting system Femto base station connects the ID (such as IMSI) that carries portable terminal in the authentication request, ID and the interim authentication code of Femto base station.
Step 406, the broad band remote connecting system is initiated authentication request to the cable broadband aaa server.For example, broad band remote connecting system (BRAS) receive connect authentication request from the PPP of Femto gateway forwards after, BRAS initiates authentication request to cable broadband aaa server (BB-AAA); Carry the connection authentication request information of Femto base station transmission and the line number of gateway in this authentication request; Wherein the connection authentication request information of Femto base station transmission includes the ID of portable terminal, ID and the interim authentication code of Femto base station; The telephone line that the line number of gateway uses in the time of can being gateway accessing broad band remote connecting system number.
Step 408, the cable broadband aaa server sends respectively the authentication request of the binding relationship of the broadband account number of confirming Femto base station and gateway to Femto gateway management system, send the authentication request of confirming portable terminal and Femto base station binding relation to mobile aaa server.For example, after the cable broadband aaa server receives the authentication request of broad band remote connecting system transmission, the cable broadband aaa server is to the authentication request of the binding relationship of the broadband account number of Femto gateway management system transmission affirmation Femto base station and gateway, and the authentication request that sends affirmation portable terminal and Femto base station binding relation to mobile aaa server.
Step 410, the binding relationship of the broadband account number of Femto gateway management system validation Femto base station and gateway.For example, after Femto gateway management system receives " confirming the authentication request of Femto base station and gateway binding relationship " of cable broadband aaa server transmission, the table of comparisons of the binding relationship of storage gateway and Femto base station in the inquiry Femto gateway management system; Confirm that the backward cable broadband aaa server of binding relationship of the broadband account number of the ID of this Femto base station and gateway returns the authentication result of binding relationship.
Step 412, mobile aaa server is confirmed the binding relationship of portable terminal and Femto base station.For example, after mobile aaa server receives " confirming the authentication request of portable terminal and Femto base station binding relation " of cable broadband aaa server transmission, inquire about the line number of storage gateway in the mobile aaa server and the relation table of broadband account number binding relation; Confirm the base station that this Femto base station is legal access, and return the authentication result of binding relationship to the cable broadband aaa server.
Step 414, Femto finishes the base station PPP Connection Proxy function of portable terminal, and portable terminal obtains the IP address from the remote access system of broadband.For example, after the cable broadband aaa server receives respectively the authentication result of the binding relationship that Femto gateway management system and mobile aaa server return, to broad band remote connecting system return authentication result; Femto finishes the base station PPP Connection Proxy function of portable terminal, realizes the access the Internet thereby portable terminal obtains public network IP address from the remote access system of broadband.
Utilize among the embodiment of method of broadband network access the Internet at portable terminal provided by the invention, step 410 and step 412 can executed in parallel, also can successively carry out; Both that is to say and first execution in step 410 to carry out again 412; Also can first execution in step 412 execution in step 410 again.
Portable terminal provided by the invention utilizes the method for broadband network access the Internet, and the cable broadband aaa server adopts Femto gateway management system (FMS) to come the binding relationship of authentication gateway and FAP, and only having unanimously just provides broadband access to connect; Therefore, be conducive to prevent divulging a secret of interim authentication code, improve the fail safe of broadband access.Simultaneously the present invention is by the PPP agent functionality of Femto gateway, and portable terminal uses the cable broadband online, has realized that portable terminal utilizes broadband network access the Internet; And portable terminal can use the bandwidth the same with cable broadband to visit the Internet among the present invention, thereby the network congestion problem that has occurred when having solved the mobile terminal accessing the Internet.
Fig. 5 illustrates the structural representation of an embodiment that portable terminal of the present invention utilizes the system of broadband network access the Internet.As shown in Figure 5, portable terminal utilizes the system 500 of broadband network access the Internet mainly to comprise: portable terminal 502, Femto gateway 504, broad band remote connecting system 506, cable broadband aaa server 508 and network side authenticating device 510.
Wherein, portable terminal 502 is used for initiating the PPP connection request of online to Femto gateway 504, and obtains public network IP address from broadband remote access system 506, and the access the Internet.Portable terminal 502 can use existing 5G mobile phone or portable terminal among the present invention.
Femto gateway 504, have the Femto base station, be used for the online PPP connection request that mobile terminal receive 502 sends, and stop the PPP connection of this portable terminal, then initiate PPP to broad band remote connecting system 506 and connect authentication request, and the PPP Connection Proxy function of finishing portable terminal.Femto gateway 504 can be enterprise or the home gateway of supporting the Femto base station among the present invention.
Broad band remote connecting system 506, be used for receiving the PPP connection authentication request that Femto gateway 504 sends, and to cable broadband aaa server 508 initiation authentication request, the authentication result that the authentication that reception cable broadband aaa server 508 sends is passed through, and provide the public network IP address of access the Internet to portable terminal 502, "----" is the online passage of mobile terminal accessing the Internet as shown in Figure 5.
Cable broadband aaa server 508, be used for receiving the authentication request that broad band remote connecting system 506 sends, and to 510 transmissions " authentication request of Femto base station and gateway binding relationship " of network side authenticating device and " authentication request of portable terminal and Femto base station binding relation ", and receive the authentication result that network side authenticating device 510 returns, and transmit this authentication result to broad band remote connecting system 506; And after receiving the authentication result that network side authenticating device 510 returns, again this authentication result is transmitted to broad band remote connecting system 506.Cable broadband aaa server (BB-AAA) 508 is supported the broadband user among the present invention authentication, charging and mandate, itself and network side authenticating device 510 have two connecting interfaces, are respectively that the authentication interface with Femto gateway management system 512 and mobile aaa server 514 is respectively applied to the binding relationship of portable terminal and Femto base station and the legitimacy of femto base station are authenticated.
Network side authenticating device 510 further comprises Femto gateway management system 512 and mobile aaa server 514.Wherein, Femto gateway management system 512, after being used for receiving " confirming the authentication request of Femto base station and gateway binding relationship " of cable broadband aaa server 508 transmissions, the table of comparisons of the binding relationship of storage gateway and Femto base station in the inquiry Femto gateway management system; Confirm that the backward cable broadband aaa server of binding relationship of the broadband account number of the ID of this Femto base station and gateway returns the authentication result of binding relationship.Femto gateway management system 512 can adopt the gateway management system that supports the TR-069 agreement among the present invention, supports the management to the Femto gateway.This system has the binding relationship of gateway and Femto base station, and provides a northbound interface to call for BB-AAA, is used for confirming the binding relationship of FAP and Femto gateway.
Mobile aaa server 514 after being used for receiving " confirming the authentication request of portable terminal and Femto base station binding relation " of cable broadband aaa server transmission, is inquired about the line number of storage gateway in the mobile aaa server and the relation table of broadband account number binding relation; Confirm the base station that this Femto base station is legal access, and return the authentication result of binding relationship to the cable broadband aaa server.Mobile aaa server 514 is supported 3G portable terminal, Femto base station among the present invention authentication, charging and mandate.In this patent, after the Femto base station authentication passes through, must in authentication result, increase the interim authentication code of femto base station access cable broadband system; Mobile AAA has the interface that receives cable broadband AAA system authentication request, is used for the binding relationship of authentication portable terminal and Femto base station to judge the legitimacy of femto base station.
Utilize among the embodiment of system of broadband network access the Internet at portable terminal provided by the invention, the cable broadband aaa server also is used for broadband user's flow is carried out charging; Mobile aaa server also is used for the flow of portable terminal and Femto base station is carried out charging.
Utilize among the embodiment of system of broadband network access the Internet at portable terminal provided by the invention, the cable broadband aaa server also is used for the relation table of the binding relationship of the line number of storage gateway and broadband account number.
Utilize among the embodiment of system of broadband network access the Internet at portable terminal provided by the invention, the Femto gateway also is used for sending authentication request to mobile aaa server, and receives the interim identifying code that sends from mobile aaa server; Mobile aaa server also is used for receiving the authentication request from the Femto gateway, and to the response of Femto gateway return authentication, wherein carries interim authentication code in the authentication response.
Fig. 6 illustrates the flow chart of a specific embodiment that portable terminal of the present invention utilizes the method for broadband network access the Internet.
As shown in Figure 6, portable terminal utilizes in the method flow 600 of broadband network access the Internet, step 602, Femto base station (FAP) and portable terminal are finished the authentication in mobile aaa server in advance, and the Femto base station has obtained the interim authentication code of access cable broadband aaa server.
Step 604, portable terminal are initiated the PPP connection request of online to the Femto base station.For example, when the user utilizes portable terminal to visit the Internet, initiated the PPP connection request of online to the Femto base station by portable terminal.
Step 606, Femto base station are initiated PPP to the broad band remote connecting system and are connected authentication request.For example, the PPP of Femto base station (FAP) termination portable terminal (MS) connects, and initiates the PPP connection request to broad band remote connecting system (BRAS); The PPP that initiate to the broad band remote connecting system Femto base station connects the ID (such as IMSI) that carries portable terminal in the authentication request, ID and the interim authentication code of Femto base station.
Step 608, the broad band remote connecting system is initiated authentication request to the cable broadband aaa server.For example, broad band remote connecting system (BRAS) receive connect authentication request from the PPP of Femto gateway forwards after, BRAS initiates authentication request to cable broadband aaa server (BB-AAA); Carry the connection authentication request information of Femto base station transmission and the line number of gateway in this authentication request; Wherein the connection authentication request information of Femto base station transmission includes the ID of portable terminal, ID and the interim authentication code of Femto base station; The telephone line that the line number of gateway uses in the time of can being gateway accessing broad band remote connecting system number.
Step 610, cable broadband aaa server send the authentication request of the binding relationship of the broadband account number of confirming Femto base station and gateway to Femto gateway management system.
Step 612, the cable broadband aaa server sends the authentication request of confirming portable terminal and Femto base station binding relation to mobile aaa server, judges the legitimacy of FAP according to the ID corresponding relation of mobile terminal number and Femto base station.
Step 614, the binding relationship of the broadband account number of Femto gateway management system validation Femto base station and gateway.For example, after Femto gateway management system receives " confirming the authentication request of Femto base station and gateway binding relationship " of cable broadband aaa server transmission, the table of comparisons of the binding relationship of storage gateway and Femto base station in the inquiry Femto gateway management system; Confirm that the backward cable broadband aaa server of binding relationship of the broadband account number of the ID of this Femto base station and gateway returns the authentication result of binding relationship.
Step 616, mobile aaa server is confirmed the binding relationship of portable terminal and Femto base station.For example, after mobile aaa server receives " confirming the authentication request of portable terminal and Femto base station binding relation " of cable broadband aaa server transmission, inquire about the line number of storage gateway in the mobile aaa server and the relation table of broadband account number binding relation; Confirm the base station that this Femto base station is legal access, and return the authentication result of binding relationship to the cable broadband aaa server.
Step 618, cable broadband aaa server receive respectively the authentication result of the binding relationship that Femto gateway management system and mobile aaa server return, and to broad band remote connecting system return authentication result, thereby allow the FAP access.
Step 620, Femto finishes the base station PPP Connection Proxy function of portable terminal, and portable terminal obtains public network IP address from the remote access system of broadband, thereby realizes that portable terminal utilizes the broadband-access the Internet.
Portable terminal provided by the invention utilizes the method for broadband network access the Internet, realized that portable terminal uses the cable broadband online by the Femto gateway, and can use the bandwidth the same with cable broadband to visit the Internet, thereby the network congestion problem that has occurred when having solved the mobile terminal accessing the Internet.
Among the present invention, the interim authentication code that carries in the authentication request that the Femto gateway sends to the cable broadband aaa server is pre-assigned by mobile aaa server.Owing to reasons such as mobile network's fault or registration timeouts, the Femto gateway is unregistered when successful, again initiate register flow path, in order to redistribute interim authentication code by mobile aaa server.Fig. 7 illustrates FAP of the present invention obtains the method for interim authentication code again to mobile aaa server the schematic flow sheet of an embodiment.
As shown in Figure 7, FAP obtains in the method flow 700 of interim authentication code again, step 702, and FAP sends authentication request to mobile aaa server.For example, owing to reasons such as mobile network's fault or registration timeouts, the unregistered success of Femto gateway, the Femto gateway sends authentication request to mobile aaa server.
Step 704, mobile aaa server returns new interim authentication code to FAP.For example, after mobile aaa server receives the authentication request of FAP, generate new interim identifying code according to the rule of in advance design (as adopting one group of interim identifying code of random number generating mode, perhaps one group of interim identifying code reserving in advance of operator); And in the authentication response that returns to FAP, carry this new interim authentication code.
Step 706, FAP detects the current portable terminal PPP that has or not and connects.For example, after FAP receives the authentication response that mobile aaa server returns, detect the current PPP interface channel that whether has portable terminal to set up by FAP.If have, execution in step 708; Otherwise, directly jump to step 710.
Step 708, FAP stops the PPP interface channel of the portable terminal of current activation.For example, when FAP detects the current PPP interface channel that has portable terminal to set up by FAP, then FAP stops the current PPP interface channel that is in the portable terminal of state of activation.
Step 710, portable terminal initiate to set up the request that PPP connects again.After portable terminal initiates to set up the PPP connection request to FAP again, the flow process of follow-up execution can be to utilize the identical step of the method flow of broadband network access the Internet with the portable terminal shown in Fig. 2,4,6, will carry the interim authentication code of new acquisition in the authentication request that FAP sends to the broad band remote connecting system.
FAP provided by the invention obtains in the method for interim authentication code again to mobile aaa server, when FAP obtains new interim authentication code because registration timeout, network failure need again to register in mobile aaa server, stopping all activated PPP connects, and use new authentication code to re-start the PPP connection, FAP obtains the interim authentication code that Broadband authentication is used when mobile system is registered, FAP all uses this authentication code to authenticate to broadband system in the PPP connection of acting on behalf of all portable terminals that are linked into FAP; Guaranteed that further the user utilizes portable terminal by fail safe and the agility of broadband network access the Internet.
The method and system that portable terminal provided by the invention utilizes broadband network access the Internet realize the PPP agent functionality by the Femto base station, and termination portable terminal PPP request realizes that at portable terminal and cable broadband aaa server PPP acts on behalf of forwarding capability; Solve the narrow network congestion problem that causes of mobile terminal accessing Internet bandwidth, satisfied the user and utilized portable terminal to pass through the demand of Broadband Network Access the Internet.With reference to the exemplary description of aforementioned the present invention, those skilled in the art can clearly know the present invention and have the following advantages:
1) portable terminal provided by the invention utilizes the method and system of broadband network access the Internet, and by the PPP agent functionality of Femto gateway, portable terminal uses the cable broadband online, has realized that portable terminal utilizes broadband network access the Internet; And portable terminal can use the bandwidth the same with cable broadband to visit the Internet among the present invention, thus the network congestion problem that has occurred when having solved the mobile terminal accessing the Internet, and user satisfaction improves greatly; Also be conducive to simultaneously application and the popularization of new technology.
2) portable terminal provided by the invention utilizes the method and system of broadband network access the Internet, the cable broadband aaa server adopts Femto gateway management system (FMS) to come the binding relationship of authentication gateway and FAP, only having unanimously just provides broadband access to connect, therefore, be conducive to prevent divulging a secret of interim authentication code, improve the fail safe of broadband access.
3) portable terminal provided by the invention utilizes the method and system of broadband network access the Internet, realizes the PPP agent functionality by the Femto base station, and termination portable terminal PPP request realizes that at portable terminal and cable broadband aaa server PPP acts on behalf of forwarding capability; Operator's mobile core network pressure greatly reduces, and wired bandwidth availability ratio improves greatly.
4) FAP provided by the invention obtains in the method for interim authentication code again to mobile aaa server, when FAP obtains new interim authentication code because registration timeout, network failure need again to register in mobile aaa server, stopping all activated PPP connects, and use new authentication code to re-start the PPP connection, FAP obtains the interim authentication code that Broadband authentication is used when mobile system is registered, FAP all uses this authentication code to authenticate to broadband system in the PPP connection of acting on behalf of all portable terminals that are linked into FAP; Guaranteed that further the user utilizes portable terminal by fail safe and the agility of broadband network access the Internet.
Embodiments of the invention provide for example with for the purpose of describing, and are not exhaustively or limit the invention to disclosed form.Many modifications and variations are apparent for the ordinary skill in the art.Selecting and describing embodiment is for better explanation principle of the present invention and practical application, thereby and makes those of ordinary skill in the art can understand the various embodiment with various modifications that the present invention's design is suitable for special-purpose.

Claims (9)

1. a portable terminal utilizes broadband network to access the method for the Internet, it is characterized in that described method comprises:
Described portable terminal is initiated the PPP connection request of online to the Femto base station;
The PPP that described Femto base station stops described portable terminal connects, and initiates PPP connection authentication request to the broad band remote connecting system;
Described broad band remote connecting system is initiated authentication request to the cable broadband aaa server after receiving described PPP connection authentication request;
Described cable broadband aaa server is transmitted authentication request to the network side authenticating device after receiving the authentication request of described broad band remote connecting system transmission; And carry out respectively authentication to " binding relationship of the broadband account number of described Femto base station and gateway " and " binding relationship of described portable terminal and described Femto base station " by described network side authenticating device;
Described cable broadband aaa server sends described authentication result to described broad band remote connecting system after receiving the authentication result that described network side authenticating device returns;
After described broad band remote connecting system received the described authentication result of passing through, described Femto finished the base station PPP Connection Proxy function of described portable terminal, and described portable terminal obtains the IP address from described broad band remote connecting system;
Described network side authenticating device comprises Femto gateway management system and mobile aaa server;
The authentication that described network side authenticating device is carried out respectively " binding relationship of the broadband account number of described Femto base station and gateway " and " binding relationship of described portable terminal and described Femto base station " further comprises:
After described cable broadband aaa server receives the authentication request of described broad band remote connecting system transmission, described cable broadband aaa server sends " authentication request of confirming the broadband account number binding relation of described Femto base station and gateway " to described Femto gateway management system respectively, sends " authentication request of confirming described portable terminal and described Femto base station binding relation " to mobile aaa server;
After described Femto gateway management system receives described " confirming the authentication request of described Femto base station and gateway binding relationship ", judge the binding relationship of the broadband account number of described Femto base station and described gateway, and return the authentication result of binding relationship to described cable broadband aaa server;
After described mobile aaa server receives " authentication request of confirming described portable terminal and described Femto base station ", judge the binding relationship of described portable terminal and described Femto base station, and return the authentication result of binding relationship to described cable broadband aaa server;
Described cable broadband aaa server is transmitted described authentication result to described broad band remote connecting system after receiving respectively the authentication result of the described binding relationship that described Femto gateway management system and described mobile aaa server return.
2. method according to claim 1, it is characterized in that, described method also comprises: before described portable terminal is initiated the PPP connection request of online to the Femto base station, described Femto base station and described portable terminal have been finished the authentication in described mobile aaa server in advance, and described Femto base station has obtained to access the interim authentication code of described cable broadband aaa server.
3. method according to claim 1 is characterized in that, the described PPP that initiate to described broad band remote connecting system described Femto base station connects ID and the interim authentication code that carries the ID of described portable terminal, described Femto base station in the authentication request.
4. method according to claim 1, it is characterized in that described method also comprises: described broad band remote connecting system carries the described connection authentication request information of described Femto base station transmission and the line number of described gateway in the authentication request of described cable broadband aaa server initiation; The described connection authentication request information that wherein said Femto base station sends comprises ID and the interim authentication code of the ID that states to some extent portable terminal, described Femto base station; The telephone line that the line number of described gateway uses when being the described broad band remote connecting system of described gateway accessing number.
5. a portable terminal utilizes broadband network to access the system of the Internet, it is characterized in that described system comprises:
Portable terminal is used for initiating to the Femto base station PPP connection request of online, and obtains public network IP address from described broad band remote connecting system, and the access the Internet;
Described Femto gateway, have the Femto base station, be used for the online PPP connection request that mobile terminal receive sends, and stop the PPP connection of described portable terminal, then initiate PPP to the broad band remote connecting system and connect authentication request, and the PPP Connection Proxy function of finishing described portable terminal;
Described broad band remote connecting system, be used for receiving the described PPP connection authentication request that described Femto gateway sends, and initiate authentication request to the cable broadband aaa server, and receive the described authentication result that authentication that described cable broadband AAA server sends is passed through;
Described cable broadband aaa server, be used for receiving the authentication request that described broad band remote connecting system sends, and to Femto gateway management system transmission " confirming the authentication request of described Femto base station and gateway binding relationship ", receive the result of the described binding relationship that described Femto gateway management system returns, and send " authentication request of confirming described portable terminal and described Femto base station binding relation " to mobile aaa server, and receive the authentication result that described mobile aaa server returns, and send described authentication result to described broad band remote connecting system;
Described Femto gateway management system, be used for receiving the described affirmation described Femto base station of described cable broadband aaa server transmission and the request of gateway binding relationship, judge the binding relationship of the broadband account number of described Femto base station and described gateway, and return the result of binding relationship to described cable broadband aaa server;
Described mobile aaa server, after being used for receiving described " confirming the authentication request of described portable terminal and described Femto base station binding relation " of described cable broadband aaa server transmission, judge the binding relationship of described portable terminal and described Femto base station, and return the authentication result of binding relationship to described cable broadband aaa server.
6. system according to claim 5 is characterized in that, described cable broadband aaa server also is used for broadband user's flow is carried out charging;
Described mobile aaa server also is used for the flow of described portable terminal and described Femto base station is carried out charging.
7. system according to claim 5, it is characterized in that, described Femto gateway management system also is used for storing the binding relationship table of described gateway and described Femto base station, judges the binding relationship of the broadband account number of described Femto base station and described gateway according to described binding relationship table.
8. system according to claim 5 is characterized in that, described cable broadband aaa server also is used for storing the relation table of the binding relationship of the line number of described gateway and broadband account number.
9. system according to claim 5 is characterized in that, described Femto gateway also is used for sending authentication request to described mobile aaa server, and receives the interim authentication code that sends from described mobile aaa server;
Described mobile aaa server also is used for receiving the described authentication request from described Femto gateway, and to described Femto gateway return authentication response, carries interim authentication code in the wherein said authentication response.
CN200910223987.2A 2009-11-20 2009-11-20 Method and system for user to access internet through mobile terminal by using broadband network Active CN101729599B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN200910223987.2A CN101729599B (en) 2009-11-20 2009-11-20 Method and system for user to access internet through mobile terminal by using broadband network

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN200910223987.2A CN101729599B (en) 2009-11-20 2009-11-20 Method and system for user to access internet through mobile terminal by using broadband network

Publications (2)

Publication Number Publication Date
CN101729599A CN101729599A (en) 2010-06-09
CN101729599B true CN101729599B (en) 2013-03-13

Family

ID=42449790

Family Applications (1)

Application Number Title Priority Date Filing Date
CN200910223987.2A Active CN101729599B (en) 2009-11-20 2009-11-20 Method and system for user to access internet through mobile terminal by using broadband network

Country Status (1)

Country Link
CN (1) CN101729599B (en)

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102143601B (en) * 2010-12-20 2014-11-05 华为技术有限公司 Broadband access processing method, radio access network (RAN) and communication system
CN103002443A (en) * 2011-09-16 2013-03-27 中兴通讯股份有限公司 Acceptance control method and acceptance control system
WO2018191854A1 (en) * 2017-04-17 2018-10-25 华为技术有限公司 Method for accessing fixed network and access gateway network element

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101188856A (en) * 2006-11-16 2008-05-28 中国电信股份有限公司 System and method for realizing mobile service via broadband wireless access
CN101335984A (en) * 2007-06-25 2008-12-31 华为技术有限公司 Household miniature base station access control method and system
WO2009045310A2 (en) * 2007-10-04 2009-04-09 Lucent Technologies Inc. Method for authenticating a mobile unit attached to a femtocell that operates according to code division multiple access

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20050239453A1 (en) * 2000-11-22 2005-10-27 Vikberg Jari T Mobile communication network

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101188856A (en) * 2006-11-16 2008-05-28 中国电信股份有限公司 System and method for realizing mobile service via broadband wireless access
CN101335984A (en) * 2007-06-25 2008-12-31 华为技术有限公司 Household miniature base station access control method and system
WO2009045310A2 (en) * 2007-10-04 2009-04-09 Lucent Technologies Inc. Method for authenticating a mobile unit attached to a femtocell that operates according to code division multiple access

Non-Patent Citations (4)

* Cited by examiner, † Cited by third party
Title
家庭基站安全机制研究;郑志彬等;《电信科学》;20090415(第4期);全文 *
家庭基站设备认证机制研究;张尼等;《移动通信》;20090708(第13期);全文 *
张尼等.家庭基站设备认证机制研究.《移动通信》.2009,(第13期),
郑志彬等.家庭基站安全机制研究.《电信科学》.2009,(第4期),

Also Published As

Publication number Publication date
CN101729599A (en) 2010-06-09

Similar Documents

Publication Publication Date Title
CN110650070B (en) Household appliance network configuration method and WiFi module
CN101674580B (en) Method for accessing mobile core network by utilizing fixed network
CN101150594B (en) Integrated access method and system for mobile cellular network and WLAN
CN101730268B (en) Femto gateway and method and system for mobile terminal to access network resources
CN101267304B (en) A network access privilege control method, device and system
EP1871065A1 (en) Methods, arrangement and systems for controlling access to a network
US9100384B2 (en) Method and apparatus for accessing heterogeneous networks via wireless local area network
CN103501495A (en) Perception-free WLAN (Wireless Local Area Network) authentication method fusing Portal/Web authentication and MAC (Media Access Control) authentication
CN103037477A (en) Method, server side and client side of family media device accessing to wireless fidelity (wifi) hotspot
CN103297967B (en) A kind of user authen method, Apparatus and system of WLAN (wireless local area network) access
CA2665875A1 (en) Authorizing access to telecommunications networks for mobile devices, such as mobile devices accessing networks via non-traditional entry points
WO2013060129A1 (en) Rapid authentication method, access controller and system for wireless local area network
CN110248364A (en) IOT equipment distribution method, apparatus, equipment and medium
CN103874065A (en) Method and device for judging user position abnormity
CN103517383A (en) A method and a device for the access of a mobile terminal to a household network
CN103369510A (en) APN information configuration method and device
CN101729599B (en) Method and system for user to access internet through mobile terminal by using broadband network
WO2013174098A1 (en) Method, device and system for accessing network based on capwap protocol
CN101800984A (en) Method and server terminal for obtaining WAPI certification and WAPI authentication system
CN105072148A (en) Method and device for building connection with terminal
KR20070088712A (en) Method for setting up connections for access of roaming user terminals to data networks
CN104754689A (en) Home gateway access management method and system
WO2014134819A1 (en) Billing method, access network device and gateway device
CN110856145A (en) IOT device and user binding method, device and medium based on near field authentication
CN106341374A (en) Method and device for restricting access of unlicensed user device to home gateway

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant